https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26807#M11555 <HTML><HEAD></HEAD><BODY><P>I try to access another Rest service outside from Alfresco via ADF. Everytime I try to execute the call. I get the following error:</P><P></P><P>Access to XMLHttpRequest at 'https:/host/endpoint' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.</P><P></P><P>I also added the endpoint to the proxy.conf.json</P><P></P><PRE style="background-color: #2b2b2b; color: #a9b7c6; font-family: 'Courier New'; font-size: 9.0pt;"><SPAN style="color: #9876aa;">"/endpoint"</SPAN><SPAN style="color: #cc7832;">: </SPAN>{<BR /> <SPAN style="color: #9876aa;">"target"</SPAN><SPAN style="color: #cc7832;">: </SPAN><SPAN style="color: #6a8759;">"https://hostname"</SPAN><SPAN style="color: #cc7832;">,<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN><SPAN style="color: #9876aa;">"secure"</SPAN><SPAN style="color: #cc7832;">: false,<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN><SPAN style="color: #9876aa;">"changeOrigin"</SPAN><SPAN style="color: #cc7832;">: true<BR /></SPAN>}<BR /><BR /><BR /></PRE><P>With the same result as before.</P><P></P><P>I use the following class:</P><PRE style="background-color: #2b2b2b; color: #a9b7c6; font-family: 'Courier New'; font-size: 9.0pt;"><SPAN style="color: #cc7832;">export class </SPAN>ClassService {<BR /><BR /> <SPAN style="color: #cc7832;">constructor</SPAN>(<SPAN style="color: #cc7832;">private </SPAN><SPAN style="color: #9876aa;">http</SPAN>: HttpClient) {<BR /> }<BR /><BR /> <SPAN style="color: #cc7832;">private </SPAN><SPAN style="color: #ffc66d;">getLoginHeader</SPAN>(username: <SPAN style="color: #cc7832;">string, </SPAN>password: <SPAN style="color: #cc7832;">string</SPAN>) {<BR /><BR /> <SPAN style="color: #cc7832;">let </SPAN>Headers: HttpHeaders = <SPAN style="color: #cc7832;">new </SPAN>HttpHeaders()<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>console.<SPAN style="color: #ffc66d;">log</SPAN>(<SPAN style="color: #6a8759;">'Header ' </SPAN>+ <SPAN style="color: #6a8759;">'Basic ' </SPAN>+ <SPAN style="color: #ffc66d;">btoa</SPAN>(username + <SPAN style="color: #6a8759;">':' </SPAN>+ password))<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>Headers = Headers.<SPAN style="color: #ffc66d;">append</SPAN>(<SPAN style="color: #6a8759;">'Authorization'</SPAN><SPAN style="color: #cc7832;">, </SPAN><SPAN style="color: #6a8759;">'Basic ' </SPAN>+ <SPAN style="color: #ffc66d;">btoa</SPAN>(username + <SPAN style="color: #6a8759;">':' </SPAN>+ password))<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>Headers = Headers.<SPAN style="color: #ffc66d;">append</SPAN>(<SPAN style="color: #6a8759;">'Access-Control-Allow-Origin'</SPAN><SPAN style="color: #cc7832;">, </SPAN><SPAN style="color: #6a8759;">'*'</SPAN>)<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>Headers = Headers.<SPAN style="color: #ffc66d;">append</SPAN>(<SPAN style="color: #6a8759;">'Content-Type'</SPAN><SPAN style="color: #cc7832;">, </SPAN><SPAN style="color: #6a8759;">'application/x-www-form-urlencoded'</SPAN>)<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>console.<SPAN style="color: #ffc66d;">log</SPAN>(Headers)<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> return </SPAN>Headers<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>}<BR /><BR /> <SPAN style="color: #ffc66d;">getBatchClasses</SPAN>(username: <SPAN style="color: #cc7832;">string, </SPAN>password: <SPAN style="color: #cc7832;">string </SPAN>) {<BR /><BR /> <SPAN style="color: #cc7832;">return this</SPAN>.<SPAN style="color: #9876aa;">http</SPAN>.<SPAN style="color: #ffc66d;">get</SPAN>&lt;<SPAN style="color: #cc7832;">any</SPAN>&gt;(<SPAN style="color: #6a8759;">'/dendpoint'</SPAN><SPAN style="color: #cc7832;">,<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>{<SPAN style="color: #9876aa;">headers</SPAN>: <SPAN style="color: #cc7832;">this</SPAN>.<SPAN style="color: #ffc66d;">getLoginHeader</SPAN>(username<SPAN style="color: #cc7832;">, </SPAN>password)}).<SPAN style="color: #ffc66d;">subscribe</SPAN>(response =&gt; {<BR /> console.<SPAN style="color: #ffc66d;">log</SPAN>(response)<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>}<SPAN style="color: #cc7832;">, </SPAN>err =&gt; {<BR /> console.<SPAN style="color: #ffc66d;">log</SPAN>(<SPAN style="color: #6a8759;">'User authentication failed!'</SPAN>)<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>})<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>}<BR /><BR /><BR /> <SPAN style="color: #ffc66d;">logout</SPAN>() {<BR /><BR /><BR /> localStorage.<SPAN style="color: #ffc66d;">removeItem</SPAN>(<SPAN style="color: #6a8759;">'token'</SPAN>)<SPAN style="color: #cc7832;">;<BR /></SPAN><SPAN style="color: #cc7832;"> </SPAN>}<BR /><BR />}</PRE><P></P><P></P><P></P><P></P><P>If I try to access it with Postman it works properly. That sounds for me, that ADF forces to use a repository webscript to access external resources. Is this correct? If not can somebody give me a hint?</P><P></P><P>Regards</P><P>Kaffi</P></BODY></HTML> Thu, 04 Apr 2019 11:43:11 GMT kaffi 2019-04-04T11:43:11Z https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26807#M11555 I try to access another Rest service outside from Alfresco via ADF. Everytime I try to execute the call. I get the following error:Access to XMLHttpRequest at 'https:/host/endpoint' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access Thu, 04 Apr 2019 11:43:11 GMT https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26807#M11555 kaffi 2019-04-04T11:43:11Z https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26808#M11556 <HTML><HEAD></HEAD><BODY><P>If you have made a change on proxy.conf.json then make sure that you are not touching app.config.json file.</P><P>OR&nbsp; else enable CORS in alfresco.</P><P></P><P>Please follow the link for ref&nbsp;<A _jive_internal="true" href="https://community.alfresco.com/community/application-development-framework/blog/2017/06/20/adf-cors-solving-strategies#jive_content_id_4_Enabling_CORS_in_Apache" rel="nofollow noopener noreferrer">https://community.alfresco.com/community/application-development-framework/blog/2017/06/20/adf-cors-solving-strategies#jive_content_id_4_Enabling_CORS_in_Apache</A>&nbsp;</P></BODY></HTML> Thu, 04 Apr 2019 17:37:24 GMT https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26808#M11556 yogeshpj 2019-04-04T17:37:24Z https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26809#M11557 <HTML><HEAD></HEAD><BODY><P>Thanks for the answer, but my question was more about the external rest service I want to call which is not running in Alfresco. Is it possible to access this external rest service directly, because I always get the CORS error, or do I need to access it over a webscript?</P></BODY></HTML> Fri, 05 Apr 2019 06:19:15 GMT https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26809#M11557 kaffi 2019-04-05T06:19:15Z https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26810#M11558 <HTML><HEAD></HEAD><BODY><P>In that external rest service ,you need to enable CORS.</P></BODY></HTML> Sun, 07 Apr 2019 04:32:44 GMT https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26810#M11558 sp2 2019-04-07T04:32:44Z https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26811#M11559 <HTML><HEAD></HEAD><BODY><P>If you are running ADF application on nginx then you can use proxy and then allow CORS on your system.</P></BODY></HTML> Mon, 08 Apr 2019 05:30:38 GMT https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26811#M11559 mdtabrezmca 2019-04-08T05:30:38Z https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26812#M11560 <HTML><HEAD></HEAD><BODY><P>This actually isn't an ADF specific question. It doesn't depend on ADF if you need CORS to access an external REST service or not.</P><P><BR />Do you need to configure CORS? It depends.<BR />Does the REST service run on the same domain &amp; port or on another domain or port?</P><P>In the first case you don't need it, in the second case you do.<BR />Also read this:&nbsp;<A href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" rel="nofollow noopener noreferrer">https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS</A></P><P></P><P>If it is an external resource (like in not a company resource), why isn't CORS already&nbsp;enabled on the resource? CORS needs to be configured on the external service, not on in ADF/Angular.&nbsp;Adding a CORS header client side won't help you.<BR />You always could proxy that resource (that's basically what proxy.conf.js does), but if CORS isn't present, are you allowed to consume that resource in that way?&nbsp;</P></BODY></HTML> Fri, 28 Jun 2019 12:53:04 GMT https://connect.hyland.com/t5/alfresco-forum/do-i-need-a-webscript-to-call-external-rest-server-cors/m-p/26812#M11560 d_m 2019-06-28T12:53:04Z